Code snippets, tech tricks and other bits and bobs

 

Tool causes Apache to freeze

When I read the headline, I thought they were talking about me...

http://www.h-online.com/open/news/item/Tool-causes-Apache-web-server-to-freez...

A previously unknown flaw in the code for processing byte range headers allows version 2.2.x of the Apache Web Server to be crippled from a single PC. A suitable "Apache Killer" Perl script that impressively demonstrates the problem has already been published on the Full Disclosure mailing list.

The tool sends GET requests with multiple "byte ranges" that will claim large portions of the system's memory space. A "byte range" statement allows a browser to only load certain parts of a document, for example bytes 500 to 1000. This method is used by programs such as download clients to resume downloads that have been interrupted; it is designed to reduce bandwidth requirements. However, it appears that stating multiple unsorted components in the header can cause an Apache server to malfunction.

No official patch has been released, but a functional workaround is to use rewrite rules that only allow a single range request in GET and HEAD headers. This should not present a problem for most applications. To enable the rules, administrators must load the Apache Web Server's mod_rewrite module.

Another suggested workaround is to use the mod_header module with the RequestHeader unset Range configuration to completely delete any range requests that may be contained in a header. However, this approach is likely to cause more problems than restricting the number of ranges. Admins should use the tool to test the effectiveness of their measures before others do it for them.

Filed under  //   Apache   Security   mod_rewrite  
Posted August 24, 2011
// 0 Comments
 

After Plesk update Apache fails - can't get fastcgi file info: dynamic, errno: 2

It seems the Plesk updater when used from the interface can be a bit of a shitter.

Updating from 9.2.2 to 9.2.3 all my sites on the server went down. No biggie, I'll just restart Apache.

Starting http: Syntax error on line 59 of /var/www/vhosts/{domain}/conf/httpd.include:


can't get fastcgi file info: dynamic, errno: 2


[FAILED]

Oh awesome...

Luckily some research revealed that the problem lies in /etc/psa/psa.conf where the php-cgi location gets changed to 'dynamic'

So, to fix it edit /etc/psa/psa.conf and search for the line

CGI_PHP_BIN dynamic

and replace 'dynamic' with the location of php-cgi for your OS flavour.

Examples (CHECK before using!)
CentOS 5: /usr/bin/php-cgi
Suse 10.3: /usr/bin/php-cgi5
Debian: /usr/bin/php5-cgi

So, for my server which is CentOS 5:

CGI_PHP_BIN /usr/bin/php-cgi

then rebuild config and restart Apache:
# /usr/local/psa/admin/sbin/websrvmng -v -a
# service httpd restart
Starting httpd:                                       [ OK ]
#

Source: http://forum.parallels.com/showthread.php?t=89939

Filed under  //   *nix   Apache   CentOS 5   PHP   Plesk 9   SSH   SysAdmin  
Posted September 29, 2010
// 0 Comments
 

mod_suphp kills your website on Plesk 9

This doesn't only happen in Plesk apparently as I have seen it reported with cPanel.

Essentially, after installing mod_suphp, if your website starts throwing error 404s when calling a file and shows the Plesk default page when visiting the site root, it's probably because the www prefix wasn't properly configured during domain setup. Essentially this is the same problem and solution as my last post, which was handy, cos I already had the solution once I worked out what the hell was going on, so see that post for the answer:

http://blog.absolutedisaster.co.uk/www-prefix-not-working-centos-5-plesk-922

Filed under  //   *nix   Apache   CentOS 5   Error 404   Plesk 9   SSH   SysAdmin   mod_suphp  
Posted September 23, 2010
// 0 Comments
 

'www' prefix not working - CentOS 5 & Plesk 9.2.2

If you don't tick the 'www' checkbox when creating a domain in Plesk, the CNAME record for www.{domain}.{tld} is not created.

However, simply changing the setting or creating the CNAME record is not enough to get it working - Apache config needs rebuilding.

So to fix the situation, follow these steps:

STEP 1

EITHER:

Change domain settings:
Plesk > Domain > {domain}.{tld} > Domain Administrator Access
Domain name: Check the 'WWW' box
[OK]

OR:

Create CNAME record:

Plesk > Domain > {domain}.{tld} > DNS Settings > Add Record
Record Type: CNAME
Enter domain name: www
Enter IP address: {Main IP address for domain}

[OK] 

STEP 2

Rebuild Apache config:

Login to server via SSH as 'root'

# /usr/local/psa/admin/sbin/websrvmng -v -a

OR

# /usr/local/psa/admin/bin/websrvmng -v -a

DONE

If you had 'www' enabled or the CNAME record in place already the change will be reflected instantly, otherwise you will have to wait for the DNS changes to propogate.

Thanks to GeeksPal for pointing out the config rebuild!
http://www.geekspal.com/plesk/‘www’-prefix-not-working-centos-5-plesk-9-2/

Filed under  //   Apache   CNAME   CentOS 5   DNS   Plesk 9   SSH   SysAdmin  
Posted September 15, 2010
// 0 Comments